feishu-user-plugin 1.1.3 → 1.2.1

package/src/index.js

@@ -6,6 +6,8 @@ const {
   ListToolsRequestSchema,
 } = require('@modelcontextprotocol/sdk/types.js');
 const path = require('path');
+// Local dev fallback: MCP clients inject env vars from config's env block at spawn time.
+// This dotenv line only matters when running locally with a .env file (e.g. during development).
 require('dotenv').config({ path: path.join(__dirname, '..', '.env') });
 const { LarkUserClient } = require('./client');
 const { LarkOfficialClient } = require('./official');
@@ -270,10 +272,10 @@ const TOOLS = [
   },
   {
     name: 'get_chat_info',
-    description: '[User Identity] Get chat details: name, description, member count, owner.',
+    description: '[Official API + User Identity fallback] Get chat details: name, description, member count, owner. Supports both oc_xxx and numeric chat_id.',
     inputSchema: {
       type: 'object',
-      properties: { chat_id: { type: 'string', description: 'Chat ID' } },
+      properties: { chat_id: { type: 'string', description: 'Chat ID (oc_xxx or numeric)' } },
       required: ['chat_id'],
     },
   },
@@ -394,6 +396,17 @@ const TOOLS = [
       required: ['document_id'],
     },
   },
+  {
+    name: 'get_doc_blocks',
+    description: '[Official API] Get structured block tree of a document. Returns block types, content, and hierarchy for precise document analysis.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        document_id: { type: 'string', description: 'Document ID (from search_docs or create_doc)' },
+      },
+      required: ['document_id'],
+    },
+  },
   {
     name: 'create_doc',
     description: '[Official API] Create a new Feishu document.',
@@ -408,6 +421,17 @@ const TOOLS = [
   },
 
   // ========== Bitable — Official API ==========
+  {
+    name: 'create_bitable',
+    description: '[Official API] Create a new Bitable (multi-dimensional table) app.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        name: { type: 'string', description: 'Bitable app name' },
+        folder_id: { type: 'string', description: 'Parent folder token (optional, defaults to root)' },
+      },
+    },
+  },
   {
     name: 'list_bitable_tables',
     description: '[Official API] List all tables in a Bitable app.',
@@ -417,6 +441,23 @@ const TOOLS = [
       required: ['app_token'],
     },
   },
+  {
+    name: 'create_bitable_table',
+    description: '[Official API] Create a new data table in a Bitable app. Optionally define initial fields.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        app_token: { type: 'string', description: 'Bitable app token' },
+        name: { type: 'string', description: 'Table name' },
+        fields: {
+          type: 'array',
+          description: 'Initial field definitions (optional). Each item: {field_name, type} where type is 1=Text, 2=Number, 3=SingleSelect, 4=MultiSelect, 5=DateTime, 7=Checkbox, 11=User, 13=Phone, 15=URL, 17=Attachment, 18=Link, 20=Formula, 21=DuplexLink, 22=Location, 23=GroupChat, 1001=CreateTime, 1002=ModifiedTime, 1003=Creator, 1004=Modifier',
+          items: { type: 'object' },
+        },
+      },
+      required: ['app_token', 'name'],
+    },
+  },
   {
     name: 'list_bitable_fields',
     description: '[Official API] List all fields (columns) in a Bitable table.',
@@ -429,6 +470,62 @@ const TOOLS = [
       required: ['app_token', 'table_id'],
     },
   },
+  {
+    name: 'create_bitable_field',
+    description: '[Official API] Create a new field (column) in a Bitable table.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        app_token: { type: 'string', description: 'Bitable app token' },
+        table_id: { type: 'string', description: 'Table ID' },
+        field_name: { type: 'string', description: 'Field display name' },
+        type: { type: 'number', description: 'Field type: 1=Text, 2=Number, 3=SingleSelect, 4=MultiSelect, 5=DateTime, 7=Checkbox, 11=User, 13=Phone, 15=URL, 17=Attachment, 18=Link, 20=Formula, 21=DuplexLink, 22=Location, 23=GroupChat, 1001=CreateTime, 1002=ModifiedTime, 1003=Creator, 1004=Modifier' },
+        property: { type: 'object', description: 'Field-type-specific properties (optional). E.g. for SingleSelect: {options: [{name:"A"},{name:"B"}]}' },
+      },
+      required: ['app_token', 'table_id', 'field_name', 'type'],
+    },
+  },
+  {
+    name: 'update_bitable_field',
+    description: '[Official API] Update an existing field (column) in a Bitable table.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        app_token: { type: 'string', description: 'Bitable app token' },
+        table_id: { type: 'string', description: 'Table ID' },
+        field_id: { type: 'string', description: 'Field ID to update' },
+        field_name: { type: 'string', description: 'New field name (optional)' },
+        type: { type: 'number', description: 'Field type (REQUIRED by Feishu API, see create_bitable_field for values)' },
+        property: { type: 'object', description: 'Field-type-specific properties (optional)' },
+      },
+      required: ['app_token', 'table_id', 'field_id', 'type'],
+    },
+  },
+  {
+    name: 'delete_bitable_field',
+    description: '[Official API] Delete a field (column) from a Bitable table.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        app_token: { type: 'string', description: 'Bitable app token' },
+        table_id: { type: 'string', description: 'Table ID' },
+        field_id: { type: 'string', description: 'Field ID to delete' },
+      },
+      required: ['app_token', 'table_id', 'field_id'],
+    },
+  },
+  {
+    name: 'list_bitable_views',
+    description: '[Official API] List all views in a Bitable table.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        app_token: { type: 'string', description: 'Bitable app token' },
+        table_id: { type: 'string', description: 'Table ID' },
+      },
+      required: ['app_token', 'table_id'],
+    },
+  },
   {
     name: 'search_bitable_records',
     description: '[Official API] Search/query records in a Bitable table.',
@@ -471,6 +568,58 @@ const TOOLS = [
       required: ['app_token', 'table_id', 'record_id', 'fields'],
     },
   },
+  {
+    name: 'delete_bitable_record',
+    description: '[Official API] Delete a record (row) from a Bitable table.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        app_token: { type: 'string', description: 'Bitable app token' },
+        table_id: { type: 'string', description: 'Table ID' },
+        record_id: { type: 'string', description: 'Record ID to delete' },
+      },
+      required: ['app_token', 'table_id', 'record_id'],
+    },
+  },
+  {
+    name: 'batch_create_bitable_records',
+    description: '[Official API] Batch create multiple records (rows) in a Bitable table. Max 500 per call.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        app_token: { type: 'string', description: 'Bitable app token' },
+        table_id: { type: 'string', description: 'Table ID' },
+        records: { type: 'array', description: 'Array of {fields: {field_name: value}} objects', items: { type: 'object' } },
+      },
+      required: ['app_token', 'table_id', 'records'],
+    },
+  },
+  {
+    name: 'batch_update_bitable_records',
+    description: '[Official API] Batch update multiple records in a Bitable table. Max 500 per call.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        app_token: { type: 'string', description: 'Bitable app token' },
+        table_id: { type: 'string', description: 'Table ID' },
+        records: { type: 'array', description: 'Array of {record_id, fields: {field_name: value}} objects', items: { type: 'object' } },
+      },
+      required: ['app_token', 'table_id', 'records'],
+    },
+  },
+  {
+    name: 'batch_delete_bitable_records',
+    description: '[Official API] Batch delete multiple records from a Bitable table. Max 500 per call.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        app_token: { type: 'string', description: 'Bitable app token' },
+        table_id: { type: 'string', description: 'Table ID' },
+        record_ids: { type: 'array', description: 'Array of record IDs to delete', items: { type: 'string' } },
+      },
+      required: ['app_token', 'table_id', 'record_ids'],
+    },
+  },
 
   // ========== Wiki — Official API ==========
   {
@@ -522,6 +671,33 @@ const TOOLS = [
     },
   },
 
+  // ========== Upload — Official API ==========
+  {
+    name: 'upload_image',
+    description: '[Official API] Upload an image file to Feishu. Returns image_key for use with send_image_as_user.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        image_path: { type: 'string', description: 'Absolute path to the image file on disk' },
+        image_type: { type: 'string', enum: ['message', 'avatar'], description: 'Image usage type (default: message)' },
+      },
+      required: ['image_path'],
+    },
+  },
+  {
+    name: 'upload_file',
+    description: '[Official API] Upload a file to Feishu. Returns file_key for use with send_file_as_user.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        file_path: { type: 'string', description: 'Absolute path to the file on disk' },
+        file_type: { type: 'string', enum: ['opus', 'mp4', 'pdf', 'doc', 'xls', 'ppt', 'stream'], description: 'File type (default: stream for generic files)' },
+        file_name: { type: 'string', description: 'Display file name (optional, defaults to basename)' },
+      },
+      required: ['file_path'],
+    },
+  },
+
   // ========== Contact — Official API ==========
   {
     name: 'find_user',
@@ -539,7 +715,7 @@ const TOOLS = [
 // --- Server ---
 
 const server = new Server(
-  { name: 'feishu-user-plugin', version: '1.1.3' },
+  { name: 'feishu-user-plugin', version: require('../package.json').version },
   { capabilities: { tools: {} } }
 );
 
@@ -571,8 +747,13 @@ async function handleTool(name, args) {
     case 'send_to_user': {
       const c = await getUserClient();
       const results = await c.search(args.user_name);
-      const user = results.find(r => r.type === 'user');
-      if (!user) return text(`User "${args.user_name}" not found. Results: ${JSON.stringify(results)}`);
+      const users = results.filter(r => r.type === 'user');
+      if (users.length === 0) return text(`User "${args.user_name}" not found. Results: ${JSON.stringify(results)}`);
+      if (users.length > 1) {
+        const candidates = users.slice(0, 5).map(u => `  - ${u.title} (ID: ${u.id})`).join('\n');
+        return text(`Multiple users match "${args.user_name}":\n${candidates}\nUse search_contacts to find the exact user, then create_p2p_chat + send_as_user.`);
+      }
+      const user = users[0];
       const chatId = await c.createChat(user.id);
       if (!chatId) return text(`Failed to create chat with ${user.title}`);
       const r = await c.sendMessage(chatId, args.text);
@@ -581,8 +762,13 @@ async function handleTool(name, args) {
     case 'send_to_group': {
       const c = await getUserClient();
       const results = await c.search(args.group_name);
-      const group = results.find(r => r.type === 'group');
-      if (!group) return text(`Group "${args.group_name}" not found. Results: ${JSON.stringify(results)}`);
+      const groups = results.filter(r => r.type === 'group');
+      if (groups.length === 0) return text(`Group "${args.group_name}" not found. Results: ${JSON.stringify(results)}`);
+      if (groups.length > 1) {
+        const candidates = groups.slice(0, 5).map(g => `  - ${g.title} (ID: ${g.id})`).join('\n');
+        return text(`Multiple groups match "${args.group_name}":\n${candidates}\nUse search_contacts to find the exact group, then send_as_user with the ID.`);
+      }
+      const group = groups[0];
       const r = await c.sendMessage(group.id, args.text);
       return sendResult(r, `Text sent to group "${group.title}" (${group.id})`);
     }
@@ -627,26 +813,37 @@ async function handleTool(name, args) {
       return text(chatId ? `P2P chat: ${chatId}` : 'Failed to create P2P chat');
     }
     case 'get_chat_info': {
-      const c = await getUserClient();
-      const info = await c.getGroupInfo(args.chat_id);
-      return info ? json(info) : text(`No info for chat ${args.chat_id}`);
+      // Strategy 1: Official API im.chat.get (supports oc_xxx format)
+      if (args.chat_id.startsWith('oc_')) {
+        try {
+          const info = await getOfficialClient().getChatInfo(args.chat_id);
+          return info ? json(info) : text(`No info for chat ${args.chat_id}`);
+        } catch (e) {
+          console.error(`[feishu-user-plugin] Official getChatInfo failed: ${e.message}`);
+        }
+      }
+      // Strategy 2: Protobuf gateway (supports numeric chat_id)
+      try {
+        const c = await getUserClient();
+        const info = await c.getGroupInfo(args.chat_id);
+        if (info) return json(info);
+      } catch (e) {
+        console.error(`[feishu-user-plugin] Protobuf getChatInfo failed: ${e.message}`);
+      }
+      return text(`No info for chat ${args.chat_id}`);
     }
     case 'get_user_info': {
       let n = null;
-      // Strategy 1: User identity client cache
+      // Strategy 1: Official API contact lookup (works for same-tenant users by open_id)
       try {
-        const c = await getUserClient();
-        n = await c.getUserName(args.user_id);
-        if (!n && args.user_id) {
-          await c.search(args.user_id);
-          n = await c.getUserName(args.user_id);
-        }
+        const official = getOfficialClient();
+        n = await official.getUserById(args.user_id, 'open_id');
       } catch {}
-      // Strategy 2: Official API contact lookup (works for same-tenant users)
+      // Strategy 2: User identity client cache (populated by previous search/init calls)
       if (!n) {
         try {
-          const official = getOfficialClient();
-          n = await official.getUserById(args.user_id, 'open_id');
+          const c = await getUserClient();
+          n = await c.getUserName(args.user_id);
         } catch {}
       }
       return text(n ? `User ${args.user_id}: ${n}` : `Could not resolve user ${args.user_id}. This user may be from an external tenant. Try search_contacts with the user's display name instead.`);
@@ -672,7 +869,8 @@ async function handleTool(name, args) {
       const official = getOfficialClient();
       let chatId = args.chat_id;
       let uc = null;
-      try { uc = await getUserClient(); } catch (_) {}
+      let ucError = null;
+      try { uc = await getUserClient(); } catch (e) { ucError = e; }
       // If chat_id is not numeric or oc_, try to resolve as user name → P2P chat
       if (!/^\d+$/.test(chatId) && !chatId.startsWith('oc_')) {
         if (uc) {
@@ -689,7 +887,8 @@ async function handleTool(name, args) {
             else return text(`Cannot resolve "${args.chat_id}" to a chat. Use search_contacts to find the ID first.`);
           }
         } else {
-          return text(`"${args.chat_id}" is not a valid chat ID. Provide a numeric ID or oc_xxx format. Use search_contacts + create_p2p_chat to get the ID.`);
+          const hint = ucError ? `Cookie auth failed: ${ucError.message}. Fix LARK_COOKIE first, or p` : 'P';
+          return text(`"${args.chat_id}" is not a valid chat ID. ${hint}rovide a numeric ID or oc_xxx format. Use search_contacts + create_p2p_chat to get the ID.`);
         }
       }
       return json(await official.readMessagesAsUser(chatId, {
@@ -752,15 +951,41 @@ async function handleTool(name, args) {
       return json(await getOfficialClient().searchDocs(args.query));
     case 'read_doc':
       return json(await getOfficialClient().readDoc(args.document_id));
+    case 'get_doc_blocks':
+      return json(await getOfficialClient().getDocBlocks(args.document_id));
     case 'create_doc':
       return text(`Document created: ${(await getOfficialClient().createDoc(args.title, args.folder_id)).documentId}`);
 
     // --- Official API: Bitable ---
 
+    case 'create_bitable': {
+      const r = await getOfficialClient().createBitable(args.name, args.folder_id);
+      return text(`Bitable created: ${r.appToken}${r.url ? `\nURL: ${r.url}` : ''}`);
+    }
     case 'list_bitable_tables':
       return json(await getOfficialClient().listBitableTables(args.app_token));
+    case 'create_bitable_table':
+      return text(`Table created: ${(await getOfficialClient().createBitableTable(args.app_token, args.name, args.fields)).tableId}`);
     case 'list_bitable_fields':
       return json(await getOfficialClient().listBitableFields(args.app_token, args.table_id));
+    case 'create_bitable_field': {
+      const config = { field_name: args.field_name, type: args.type };
+      if (args.property) config.property = args.property;
+      return json(await getOfficialClient().createBitableField(args.app_token, args.table_id, config));
+    }
+    case 'update_bitable_field': {
+      const config = {};
+      if (args.field_name) config.field_name = args.field_name;
+      if (args.type) config.type = args.type;
+      if (args.property) config.property = args.property;
+      return json(await getOfficialClient().updateBitableField(args.app_token, args.table_id, args.field_id, config));
+    }
+    case 'delete_bitable_field': {
+      const r = await getOfficialClient().deleteBitableField(args.app_token, args.table_id, args.field_id);
+      return text(r.deleted ? `Field ${r.fieldId} deleted` : `Field deletion returned deleted=${r.deleted}`);
+    }
+    case 'list_bitable_views':
+      return json(await getOfficialClient().listBitableViews(args.app_token, args.table_id));
     case 'search_bitable_records':
       return json(await getOfficialClient().searchBitableRecords(args.app_token, args.table_id, {
         filter: args.filter, sort: args.sort, pageSize: args.page_size,
@@ -769,6 +994,14 @@ async function handleTool(name, args) {
       return text(`Record created: ${(await getOfficialClient().createBitableRecord(args.app_token, args.table_id, args.fields)).recordId}`);
     case 'update_bitable_record':
       return text(`Record updated: ${(await getOfficialClient().updateBitableRecord(args.app_token, args.table_id, args.record_id, args.fields)).recordId}`);
+    case 'delete_bitable_record':
+      return text(`Record deleted: ${(await getOfficialClient().deleteBitableRecord(args.app_token, args.table_id, args.record_id)).deleted}`);
+    case 'batch_create_bitable_records':
+      return json(await getOfficialClient().batchCreateBitableRecords(args.app_token, args.table_id, args.records));
+    case 'batch_update_bitable_records':
+      return json(await getOfficialClient().batchUpdateBitableRecords(args.app_token, args.table_id, args.records));
+    case 'batch_delete_bitable_records':
+      return json(await getOfficialClient().batchDeleteBitableRecords(args.app_token, args.table_id, args.record_ids));
 
     // --- Official API: Wiki ---
 
@@ -791,6 +1024,17 @@ async function handleTool(name, args) {
     case 'find_user':
       return json(await getOfficialClient().findUserByIdentity({ emails: args.email, mobiles: args.mobile }));
 
+    // --- Upload ---
+
+    case 'upload_image': {
+      const r = await getOfficialClient().uploadImage(args.image_path, args.image_type);
+      return text(`Image uploaded: ${r.imageKey}\nUse this image_key with send_image_as_user to send it.`);
+    }
+    case 'upload_file': {
+      const r = await getOfficialClient().uploadFile(args.file_path, args.file_type, args.file_name);
+      return text(`File uploaded: ${r.fileKey}\nUse this file_key with send_file_as_user to send it.`);
+    }
+
     default:
       return text(`Unknown tool: ${name}`);
   }
@@ -804,7 +1048,7 @@ async function main() {
   const hasCookie = !!process.env.LARK_COOKIE;
   const hasApp = !!(process.env.LARK_APP_ID && process.env.LARK_APP_SECRET);
   const hasUAT = !!process.env.LARK_USER_ACCESS_TOKEN;
-  console.error(`[feishu-user-plugin] MCP Server v1.1.3 — ${TOOLS.length} tools`);
+  console.error(`[feishu-user-plugin] MCP Server v${require('../package.json').version} — ${TOOLS.length} tools`);
   console.error(`[feishu-user-plugin] Auth: Cookie=${hasCookie ? 'YES' : 'NO'} App=${hasApp ? 'YES' : 'NO'} UAT=${hasUAT ? 'YES' : 'NO'}`);
   if (!hasCookie) console.error('[feishu-user-plugin] WARNING: LARK_COOKIE not set — user identity tools (send_to_user, etc.) will fail');
   if (!hasApp) console.error('[feishu-user-plugin] WARNING: LARK_APP_ID/SECRET not set — official API tools (read_messages, docs, etc.) will fail');

package/src/oauth-auto.js

@@ -1,5 +1,7 @@
 #!/usr/bin/env node
-// Automated OAuth flow using Playwright — single page, no extra tabs
+// DEV ONLY: Automated OAuth using local Playwright (not used in production).
+// Uses .env directly; not migrated to config module.
+// Requires: npm install playwright (not in package.json dependencies)
 const http = require('http');
 const { chromium } = require('playwright');
 const fs = require('fs');
@@ -30,7 +32,7 @@ function saveToken(tokenData) {
     LARK_USER_ACCESS_TOKEN: tokenData.access_token,
     LARK_USER_REFRESH_TOKEN: tokenData.refresh_token || '',
     LARK_UAT_SCOPE: tokenData.scope || '',
-    LARK_UAT_EXPIRES: String(Math.floor(Date.now() / 1000 + tokenData.expires_in)),
+    LARK_UAT_EXPIRES: String(Math.floor(Date.now() / 1000 + (typeof tokenData.expires_in === 'number' && tokenData.expires_in > 0 ? tokenData.expires_in : 7200))),
   };
   for (const [key, val] of Object.entries(updates)) {
     const regex = new RegExp(`^${key}=.*$`, 'm');
@@ -161,29 +163,6 @@ async function run() {
     console.log('scope:', tokenData.scope);
     console.log('expires_in:', tokenData.expires_in, 's');
 
-    // Test P2P message reading
-    console.log('\n[test] Testing P2P message reading...');
-    const testRes = await fetch('https://open.feishu.cn/open-apis/im/v1/messages?container_id_type=chat&container_id=oc_97a52756ee2c4351a2a86e6aa33e8ca4&page_size=2&sort_type=ByCreateTimeDesc', {
-      headers: { 'Authorization': `Bearer ${tokenData.access_token}` },
-    });
-    const testData = await testRes.json();
-    if (testData.code === 0) {
-      console.log('[test] P2P: SUCCESS!', testData.data?.items?.length, 'messages');
-    } else {
-      console.log('[test] P2P: Error', testData.code, testData.msg);
-    }
-
-    // Test group messages
-    const grpRes = await fetch('https://open.feishu.cn/open-apis/im/v1/messages?container_id_type=chat&container_id=oc_6ae081b457d07e9651d615493b7f1096&page_size=2&sort_type=ByCreateTimeDesc', {
-      headers: { 'Authorization': `Bearer ${tokenData.access_token}` },
-    });
-    const grpData = await grpRes.json();
-    if (grpData.code === 0) {
-      console.log('[test] Group: SUCCESS!', grpData.data?.items?.length, 'messages');
-    } else {
-      console.log('[test] Group: Error', grpData.code, grpData.msg);
-    }
-
   } catch (e) {
     console.error('\nError:', e.message);
     await page.screenshot({ path: '/tmp/feishu-oauth-error.png' }).catch(() => {});

package/src/oauth.js

@@ -2,33 +2,31 @@
 /**
  * OAuth 授权脚本 — 获取带 IM 权限的 user_access_token
  *
- * 用法: node src/oauth.js
+ * 用法: npx feishu-user-plugin oauth
  *
  * 流程 (新版 End User Consent):
  * 1. 查询应用信息，提示用户选择正确的飞书账号
  * 2. 启动本地 HTTP 服务器 (端口 9997)
  * 3. 打开 accounts.feishu.cn 授权页面 (新版 OAuth 2.0)
  * 4. 用户点击"授权"后，用 /authen/v2/oauth/token 交换 token
- * 5. 保存 access_token + refresh_token 到 .env
+ * 5. 保存 token 到 MCP 配置文件
  */
 
 const http = require('http');
 const { execSync } = require('child_process');
-const fs = require('fs');
-const path = require('path');
-const dotenv = require('dotenv');
+const { readCredentials, persistToConfig } = require('./config');
 
-dotenv.config({ path: path.join(__dirname, '..', '.env') });
-
-const APP_ID = process.env.LARK_APP_ID;
-const APP_SECRET = process.env.LARK_APP_SECRET;
+const creds = readCredentials();
+const APP_ID = creds.LARK_APP_ID;
+const APP_SECRET = creds.LARK_APP_SECRET;
 const PORT = 9997;
 const REDIRECT_URI = `http://127.0.0.1:${PORT}/callback`;
 // offline_access is required to get refresh_token for auto-renewal
 const SCOPES = 'offline_access im:message im:message:readonly im:chat:readonly contact:user.base:readonly';
 
 if (!APP_ID || !APP_SECRET) {
-  console.error('Missing LARK_APP_ID or LARK_APP_SECRET in .env');
+  console.error('Missing LARK_APP_ID or LARK_APP_SECRET.');
+  console.error('Run "npx feishu-user-plugin setup" first to configure app credentials.');
   process.exit(1);
 }
 
@@ -100,10 +98,6 @@ async function exchangeCode(code) {
 }
 
 function saveToken(tokenData) {
-  const envPath = path.join(__dirname, '..', '.env');
-  let envContent = '';
-  try { envContent = fs.readFileSync(envPath, 'utf8'); } catch {}
-
   const updates = {
     LARK_USER_ACCESS_TOKEN: tokenData.access_token,
     LARK_USER_REFRESH_TOKEN: tokenData.refresh_token || '',
@@ -111,44 +105,13 @@ function saveToken(tokenData) {
     LARK_UAT_EXPIRES: String(Math.floor(Date.now() / 1000 + (typeof tokenData.expires_in === 'number' && tokenData.expires_in > 0 ? tokenData.expires_in : 7200))),
   };
 
-  for (const [key, val] of Object.entries(updates)) {
-    const regex = new RegExp(`^${key}=.*$`, 'm');
-    if (regex.test(envContent)) {
-      envContent = envContent.replace(regex, `${key}=${val}`);
-    } else {
-      envContent += `\n${key}=${val}`;
+  const ok = persistToConfig(updates);
+  if (!ok) {
+    console.error('WARNING: Tokens could not be saved to config. Copy them manually:');
+    for (const [k, v] of Object.entries(updates)) {
+      console.error(`  ${k}=${v}`);
     }
   }
-
-  fs.writeFileSync(envPath, envContent.trim() + '\n');
-
-  // Also persist to ~/.claude.json MCP config so MCP restart picks up tokens immediately
-  _persistToClaudeJson(updates);
-}
-
-function _persistToClaudeJson(updates) {
-  const claudeJsonPaths = [
-    path.join(process.env.HOME || '', '.claude.json'),
-    path.join(process.env.HOME || '', '.claude', '.claude.json'),
-  ];
-  for (const cjPath of claudeJsonPaths) {
-    try {
-      const raw = fs.readFileSync(cjPath, 'utf8');
-      const config = JSON.parse(raw);
-      const servers = config.mcpServers || {};
-      for (const name of ['feishu-user-plugin', 'feishu']) {
-        if (servers[name]?.env) {
-          Object.assign(servers[name].env, updates);
-          fs.writeFileSync(cjPath, JSON.stringify(config, null, 2) + '\n');
-          console.log(`[feishu-user-plugin] OAuth tokens persisted to ${cjPath}`);
-          return;
-        }
-      }
-    } catch (e) {
-      console.error(`[feishu-user-plugin] Failed to persist tokens to ${cjPath}: ${e.message}`);
-    }
-  }
-  console.error('[feishu-user-plugin] WARNING: Could not persist tokens to ~/.claude.json. Tokens saved to .env only — copy them to your MCP config manually.');
 }
 
 const server = http.createServer(async (req, res) => {
@@ -173,7 +136,7 @@ const server = http.createServer(async (req, res) => {
 <p>scope: ${tokenData.scope}</p>
 <p>expires_in: ${tokenData.expires_in}s</p>
 <p>refresh_token: ${hasRefresh ? '✅ 已获取（30天有效，支持自动续期）' : '❌ 未返回（token 将在 2 小时后过期，需重新授权）'}</p>
-<p>已保存到 .env，可以关闭此页面。</p>`);
+<p>已保存到 MCP 配置文件，可以关闭此页面。</p>`);
 
       console.log('\n=== OAuth 授权成功 ===');
       console.log('scope:', tokenData.scope);
@@ -185,7 +148,7 @@ const server = http.createServer(async (req, res) => {
         console.log('   - 授权时 scope 中未包含 offline_access');
         console.log('   Token 将在 2 小时后过期，届时需要重新运行此脚本。');
       }
-      console.log('token 已保存到 .env');
+      console.log('token 已保存到 MCP 配置文件');
 
       setTimeout(() => { server.close(); process.exit(0); }, 1000);
     } catch (e) {
@@ -200,6 +163,16 @@ const server = http.createServer(async (req, res) => {
   res.end('Not found');
 });
 
+server.on('error', (e) => {
+  if (e.code === 'EADDRINUSE') {
+    console.error(`\nPort ${PORT} is already in use. Another OAuth process may be running.`);
+    console.error('Wait a minute and try again, or kill the process using the port.');
+  } else {
+    console.error('Server error:', e.message);
+  }
+  process.exit(1);
+});
+
 server.listen(PORT, '127.0.0.1', async () => {
   const authUrl = `https://accounts.feishu.cn/open-apis/authen/v1/authorize?client_id=${APP_ID}&redirect_uri=${encodeURIComponent(REDIRECT_URI)}&response_type=code&scope=${encodeURIComponent(SCOPES)}`;
 
@@ -229,7 +202,8 @@ server.listen(PORT, '127.0.0.1', async () => {
   console.log('授权 URL:', authUrl);
 
   try {
-    execSync(`open "${authUrl}"`);
+    const openCmd = process.platform === 'win32' ? 'start' : process.platform === 'darwin' ? 'open' : 'xdg-open';
+    execSync(`${openCmd} "${authUrl}"`);
   } catch {
     console.log('\n请手动在浏览器中打开上面的 URL');
   }